Password protecting a single file in .htaccess

Although we have an article on password protecting directories in the cPanel, there may be times when the structure of your program does not allow the movement of files. This is more common with Content Management Systems such as Wordpress or the Premium Website Builder. You may want or need to protect a single file from random outside access. For example, you may want to set one of your pages up to only be accessed by a certain group. Moving the file to another folder is impossible due to the coding of the site. This article will demonstrate how to password protect a single file via your .htacess file. This allows you to set the access to a specific username and password while keeping the file in the mandatory location.

How to password protect a single file in .htaccess

The first step is to create the username and password you want to use for the access. You want to use an encrypted password for extra security. This is not done via the cPanel, but needs to be done from an external site. Penn State University has a page that will do that for you. Simply enter the desired username and password and click on Submit. It will then produce a line of code to be used later. Be sure to store that line of code somewhere such as a notepad file while as you will need it later to add to your password file.

After logging in, enter the File Manager. Be sure to have the Show Hidden Files option connected and enter the File Manager at the Home Directory.

From the Home Directory you will create a new file. While you can name it anything you like, be sure to begin the name with a . (.htpass, .htpasswd, .abc123) In our example, we will name it .htpasswd

Now that the file is created, we need to edit it to insert the password code we generated. Click on the Edit icon found in the toolbar at the top of the page.

Once in the editor, insert the password code you generated earlier and click on the Save Changes button to save it.

We now need to move to the root folder for your domain. In the case of your primary domain, this will be the public_html folder. For addon domains, the folder will be public_html/addondomain.com. Once in the folder, look for your .htaccess file. If you do not see one, you will need to create a new one. Once you find or create the .htaccess file, click on the Edit icon from the upper toolbar.

This takes you to an editor similar to the one used to insert the password code. Copy and paste the following code into the .htaccessfile. This is a template we will edit for the password configuration.

Edit the first line, AuthUserFile /path/to/htpasswd/file/.htpassword to represent where the passowrd file is locate. Your code should look like the following (be sure to replace userna5 with your cPanel username).

/home/userna5/.htpasswd

The next line of code needs to be changed to something recognizable, this will be the title of the login box that will appear when someone attempts to access the file. Below is our example.

AuthName "Members Only"

The last line of code we need to edit is the <files> require valid-user </files>. Here we will simply add the name of the file in the beginning tag as per our example.

<files "members.html"> require valid-user </files>

Once you have finished editing the file, your code should look similar to our example below. Click on the Save Changes button to finalize it. Be sure to visit the page to ensure the login request pops up. Once you log in, the site will remember you and not ask again from the same browser unless you clear the browser cache.

The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.

How did you find this article?

Please tell us how we can improve this article:

Email Address

Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!